The following tables list API operations available for use in Web Application Firewall (WAF).

Instance management

Operation Description
DescribeInstanceInfo Queries the basic information about the WAF instance that you purchase. The information includes the ID, type, and status of the WAF instance.
DescribeInstanceSpecInfo Queries the specification information about the WAF instance that you purchase.
DeleteInstance Releases a subscription WAF instance that expires.

Domain name configurations

Operation Description
DescribeDomainNames Queries all the domain names that are added to WAF.
Note This operation returns all the domain names at a time. We recommend that you call the DescribeDomainList operation, which returns domain names by page.
DescribeDomainList Queries the domain names that are added to WAF by page.
Note This operation allows you to specify different conditions for the query and returns query results by page. If you want to query a large number of domain names, we recommend that you call the operation.
DescribeDomain Queries the configuration of a specific domain name that is added to WAF.
CreateDomain Adds a domain name to WAF.
ModifyDomain Modifies the configuration of a specific domain name.
DeleteDomain Removes a domain name from WAF.
DescribeCertificates Queries the certificates that are associated with a specific domain name. The certificates are managed by SSL Certificates Service.
DescribeCertMatchStatus Checks whether the certificate and the private key that you upload for a specific domain name match each other.
CreateCertificate Uploads the certificate and private key for a domain name that is added to WAF.
CreateCertificateByCertificateId Uploads the certificate for a specific domain name based on the certificate ID.
DescribeDomainBasicConfigs Queries the protection status of a domain name that is added to WAF.
DescribeDomainAdvanceConfigs Queries the configuration details of a domain name that is added to WAF.

Protection configurations

Operation Description
ModifyDomainIpv6Status Enables or disables IPv6 traffic protection for a domain name.
DescribeProtectionModuleStatus Queries whether a specific WAF protection module is enabled. The WAF protection modules include web intrusion prevention, data security, advanced protection, bot management, and access control or throttling.
ModifyProtectionModuleStatus Enables or disables a specific WAF protection module. The WAF protection modules include web intrusion prevention, data security, advanced protection, bot management, and access control or throttling.
DescribeProtectionModuleMode Queries the protection mode of a specific WAF protection module. The WAF protection modules include the Protection Rules Engine, Big Data Deep Learning Engine, HTTP flood protection, data risk control, and proactive defense.
ModifyProtectionModuleMode Modifies the protection mode of a specific WAF protection module. The WAF protection modules include the Protection Rules Engine, Big Data Deep Learning Engine, HTTP flood protection, data risk control, and proactive defense.
DescribeProtectionModuleRules Queries the rules that are created for a specific WAF protection module. The WAF protection modules include web intrusion prevention, data security, bot management, access control or throttling, and website whitelist.
CreateProtectionModuleRule Creates rules for a specific WAF protection module. The WAF protection modules include web intrusion prevention, data security, bot management, access control or throttling, and whitelist.
ModifyProtectionModuleRule Modifies the rules that are created for a specific WAF protection module. The WAF protection modules include web intrusion prevention, data security, advanced protection, bot management, access control or throttling, and website whitelist.
ModifyProtectionRuleStatus Enables or disables the rules that are created for a specific WAF protection module. The WAF protection modules include website tamper-proofing, allowed crawlers, bot threat intelligence, custom protection policy, and website whitelist.
DescribeDomainRuleGroup Queries the ID of the protection rule group that is provided by the Protection Rules Engine for a specific domain name.
SetDomainRuleGroup Configures the protection rule group that is provided by the Protection Rules Engine for a specific domain name. The system provides three default protection rule groups. You can also select a custom protection rule group.
ModifyProtectionRuleCacheStatus Updates the cached pages of a domain name that is protected by a specific website tamper-proofing rule.
DeleteProtectionModuleRule Deletes the rule that is created for a specific WAF protection module
DescribeProtectionModuleCodeConfig Queries the codes of regions that can be configured in the WAF region blacklist.

Log management

Operation Description
ModifyLogServiceStatus Enables or disables the log collection feature for a domain name.
ModifyLogRetrievalStatus Enables or disables the log retrieval feature for a domain name.
DescribeLogServiceStatus Queries whether the log collection feature is enabled for the domain names that are added to WAF.

System management

Operation Description
DescribeWafSourceIpSegment Queries the back-to-origin CIDR blocks that are used by the WAF protection cluster.